58 lines
1.5 KiB
PHP
58 lines
1.5 KiB
PHP
<?php
|
|
|
|
namespace Tests\Feature;
|
|
|
|
use App\Jobs\ProcessRevenueCatWebhook;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
use Illuminate\Support\Facades\Bus;
|
|
use Tests\TestCase;
|
|
|
|
class RevenueCatWebhookTest extends TestCase
|
|
{
|
|
use RefreshDatabase;
|
|
|
|
public function test_webhook_dispatches_job_with_valid_signature(): void
|
|
{
|
|
config()->set('services.revenuecat.webhook', 'shared-secret');
|
|
|
|
$payload = [
|
|
'event' => [
|
|
'app_user_id' => 'tenant-123',
|
|
'product_id' => 'pro_month',
|
|
],
|
|
];
|
|
|
|
$json = json_encode($payload);
|
|
$signature = base64_encode(hash_hmac('sha1', $json, 'shared-secret', true));
|
|
|
|
Bus::fake();
|
|
|
|
$response = $this->postJson('/api/v1/webhooks/revenuecat', $payload, [
|
|
'X-Signature' => $signature,
|
|
]);
|
|
|
|
$response->assertStatus(202)
|
|
->assertJson(['status' => 'accepted']);
|
|
|
|
Bus::assertDispatched(ProcessRevenueCatWebhook::class);
|
|
}
|
|
|
|
public function test_webhook_rejects_invalid_signature(): void
|
|
{
|
|
config()->set('services.revenuecat.webhook', 'shared-secret');
|
|
|
|
Bus::fake();
|
|
|
|
$response = $this->postJson('/api/v1/webhooks/revenuecat', [
|
|
'event' => ['app_user_id' => 'tenant-123'],
|
|
], [
|
|
'X-Signature' => 'invalid-signature',
|
|
]);
|
|
|
|
$response->assertStatus(400)
|
|
->assertJson(['error' => 'Invalid signature']);
|
|
|
|
Bus::assertNotDispatched(ProcessRevenueCatWebhook::class);
|
|
}
|
|
}
|